-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency to vulnerable version of growl #31
Comments
Nice. Okay, I'll give a PR to increase to v4. |
stjohnjohnson
added a commit
that referenced
this issue
Oct 23, 2017
BREAKING CHANGE - Upgrading major version of Mocha
stjohnjohnson
added a commit
that referenced
this issue
Oct 23, 2017
feat(#31): Upgrade NPM dependencies
|
Thank you for quick response! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently jenkins-mocha depends on mocha ^3.0.0, which installs vulnerable version of growl (1.9.2).
https://github.com/stjohnjohnson/jenkins-mocha/blob/master/package.json#L29
Upgrading to mocha 4.0.0 or above should fix this, but I’m not sure whether simple upgrade won’t cause any problem.
mochajs/mocha@e39a867
The text was updated successfully, but these errors were encountered: